Looking at shadow IT through a new lens

Depending on who you ask, shadow IT, also known as stealth IT, falls somewhere on the spectrum between “persistent headache” and “total mystery.”

Shadow IT refers to any technology – hardware, software, infrastructure, you name it – that is used in an organization, but is not administered by that organization’s IT department.

Because shadow IT does not go through the IT department’s procurement process, it may or may not abide by the organization’s security and compliance policies.

The risk can be distilled into three categories: access, insight and integration.

Shadow IT is a fact of life, a force you couldn’t simply banish with a security policy. And even if you could, you shouldn’t; while shadow IT does pose security and compliance risks, it’s often the primary driver of innovation and productivity gains. 97 percent of IT teams surveyed by Entrust Datacard said their employees were more productive when allowed to use their preferred tools, and 80 percent said their companies should deploy more tools suggested by employees.

So the challenge for teams tasked to “do something about all this shadow IT” is therefore not to eliminate it – it’s to analyze it, minimize the risks, and maximize the benefits. This all requires balance; cohesive policy balanced with a strong company culture of collective accountability.

Full article